Forum Discussion

New Contributor

4 years ago

Solved

New CVE-2021-45105 for log4j

On december 19th a new vulnerability was found in log4j 2.16.0 Are there any plans to upgrade to log4j 2.17.0 as suggested by Apache? As long as this upgrrade is not implemented, I am not allowed to use SOAP UI which makes my test work much more difficult

sonya_m
4 years ago
Hi doom71, there's a fresh update on that on the SmartBear site, please refer to this page: https://smartbear.com/security/cve-2021-44228/
HKosova
4 years ago
doom71 we've released SoapUI 5.7.0 which uses Log4j 2.17.1

https://github.com/SmartBear/soapui/releases

4 Replies

sonya_m
Alumni
4 years ago
Copy Link
Hi doom71, there's a fresh update on that on the SmartBear site, please refer to this page: https://smartbear.com/security/cve-2021-44228/
- doom71
  New Contributor
  4 years ago
  Copy Link
  Ah yes. Didn't know that page was available. Thanks for your quick reply 👍
  - HKosova
    Alumni
    4 years ago
    Copy Link
    doom71 we've released SoapUI 5.7.0 which uses Log4j 2.17.1
    
    https://github.com/SmartBear/soapui/releases